@samueleng.se.bsky.social
πΌ Trusted Security Advisor at Onevinn
π£ New blog article β¬οΈ
blog.samueleng.se/posts/2025-1...
Conditional Access Back to Basics - What are "Cloud Apps" and why can't I find my app in the picker?
#conditionalaccess #entra #entraid
π£ New blog article
RDP connection to a Microsoft Entraβjoined machine using Entra ID cloud account from macOS is not as straightforward as it seems.
blog.samueleng.se/posts/2025-0...
Block password additions is a massive security enhancement π
17.09.2025 06:55 β π 1 π 0 π¬ 1 π 0Got it π I really appreciate your response
13.09.2025 08:04 β π 2 π 0 π¬ 0 π 0@danielbradley.bsky.social Really enjoyed the Entra Docs Tracker, great idea, and thank you! π Any plans to open-source it? Iβm thinking about other MS Docs repos Iβd like to track.
01.09.2025 09:53 β π 0 π 0 π¬ 0 π 0Tagging additional Entra authorities for possible answers π @fabian.bader.cloud @dirkjanm.io
31.08.2025 16:13 β π 1 π 0 π¬ 1 π 0I see. My initial thought was that the attribute serves as a proxy indicator for the type of service principal (i.e., whether CA can be applied).
29.08.2025 19:42 β π 1 π 0 π¬ 0 π 0Does anyone know why the Conditional Access app picker applies the filter servicePrincipals?$filter=preferredSingleSignOnMode ne 'notSupported'? Is there any correlation with public vs. confidential clients or web vs. mobile clients? @merill.net @cbrhh.bsky.social @nathanmcnulty.com
29.08.2025 12:01 β π 1 π 0 π¬ 2 π 0Well deserved @nathanmcnulty.com! ππ
02.05.2025 15:51 β π 1 π 0 π¬ 1 π 0I can confirm that I tried it in my lab tenant, and it is working as expected. π
05.03.2025 10:25 β π 1 π 0 π¬ 0 π 0ππI admire your dedication π
05.03.2025 10:23 β π 1 π 0 π¬ 1 π 0Out of curiosity, what did you base your announcement on? π
05.03.2025 10:13 β π 0 π 0 π¬ 1 π 0Great news! Are there any updates on Learn or official announcements?
05.03.2025 08:23 β π 0 π 0 π¬ 1 π 0Ping @merill.net π
26.02.2025 10:26 β π 1 π 0 π¬ 1 π 0
@merill.net Maester GitHub actions issue?
17.02.2025 18:46 β π 1 π 0 π¬ 1 π 0
π£Β Highlighting two Microsoft Entra products working together - External Authentication Method (EAM) and SSE Private Access (ZTNA)
www.linkedin.com/posts/samuel...
#sse #sase #microsoft #entra #entraid
Great content! π
28.01.2025 16:55 β π 1 π 0 π¬ 0 π 0Excellent news! Is it too much to ask for the inclusion of Workload ID premium features for this app? π
07.01.2025 14:04 β π 1 π 0 π¬ 0 π 0π―agree. Since all network destinations and segments are represented by an app, the possibilities become limitless. Combine this with Entra ID Governance for self-service, approval, access review, and audit trails π₯π₯
07.12.2024 09:50 β π 3 π 0 π¬ 1 π 0
Today is the day folks.
The new and updated Bluesky.ms is now live!
Go add yourself. I'll share a detailed step by step...
Thank you for a great video π
Entra supports attenstation of the Microsoft Authenticator app (iOS/Android)
iOS: Uses the iOS App Attest service
Android: Uses the Play Integrity API
Once we have native built-in capabilities to remove or scramble the password in Entra, passwordless options for self-remediation of ID protection risks, universal passkey support et.c., everything will come together.
02.12.2024 16:34 β π 1 π 0 π¬ 1 π 0
By the way, am I misunderstanding this? @merill.net
02.12.2024 15:15 β π 1 π 0 π¬ 0 π 0Got it, I appreciate you taking the time to respond.
02.12.2024 15:11 β π 1 π 0 π¬ 0 π 0A user has a passkey and MS auth app with push registered, and initiates a SSPR. The SSPR wizard suggests verification with app + push (and no other alternatives). Why not the most secure way, using the passkey? Any idea? @merill.net @jeftek.com @nathanmcnulty.com
02.12.2024 14:57 β π 2 π 0 π¬ 2 π 0Does @ mentioning work for Linkedin?
24.11.2024 09:04 β π 1 π 0 π¬ 2 π 0Would have loved BYOD/unmanaged device support in H1 2025 instead
21.11.2024 18:54 β π 2 π 0 π¬ 0 π 0MFA requirement for Register security information, using TAP for secure bootstrapping to phishing-resistant authentication methods such as passkeys. This is the way.
13.11.2024 21:59 β π 1 π 0 π¬ 0 π 0
Iβm referring to this capability with a DC agent.
techcommunity.microsoft.com/blog/identit...
Then I guess "On-prem MFA" will require the full SKU?
13.11.2024 13:26 β π 0 π 0 π¬ 1 π 0
![Morten Knudsen [MVP]](https://cdn.bsky.app/img/avatar/plain/did:plc:4p3ooh7x25agubn567njegtp/bafkreibfx4dpxtmkcucfzkjp5nvnho7fk5uyytaacc6wt6bun6r2mio7yi@jpeg)
![Jan Ketil Skanke [MVP]](https://cdn.bsky.app/img/avatar/plain/did:plc:abkard6fhdsew5i4bqa3lxgs/bafkreiawk2d3vphvyj3oqcq4m2igzzqeos5qrgqmmpp5qyw7m2776gljvq@jpeg)
![Peter Daalmans [MVP]](https://cdn.bsky.app/img/avatar/plain/did:plc:4k5d7ytzf77y45b77imzuw3v/bafkreide4boypexnzmsoev5ojg6tzkmcqf6ac6xfph6za4rxuatapoykli@jpeg)
